The unprecedented rise in attacks continues to accelerate at an almost unchecked rate. Heightened awareness across a rapidly changing attack surface is therefore essential.
The plethora of terms and acronyms can serve to confuse e.g. Phishing, Spear Phishing, Whale Phishing, Ransomware, Man in the Middle exploits etc. etc.
What is clear is that this faceless crime which promises the potential of very high payback is no longer the domain of bored teenagers in darkened bedrooms but is now the province of organised criminal gangs.
A brief foray onto the dark web reveals DDoS (Distributed Denial of Service) and Email Phishing attacks available “as a service” for a relatively modest fee. The sophistication of these operations is such that the cyber criminals behind these operations offer 24x7x365 service desks who are on hand to help you deliver the payload in the most effective and efficient way!
All this activity can insight feelings of paranoia and ever-increasing costs as we try to defend against a rapidly changing threat landscape.
Effective methods are required to help organisations understand the threat landscape, attack vectors and threat actors which impact their businesses. The probability, impact and cost of threats occurring when assessed against an organisation’s risk appetite allows effective controls to be designed and implemented to help mitigate against accepted threats.
The reality however is that many of the exploits can be mitigated by taking simple steps – many of which are overlooked by businesses and individuals alike.
As a simple starting point...
1: Ensure that your systems (servers, desktops and laptops) are patched:
- Ensure that you have a patching regime in place that is followed and checked
- Pay attention to critical and security patches
- Ensure that all systems are patched, on premise, in the Cloud and as part of your supply chain
2: Ensure that all systems have anti-virus and anti-malware software installed and that this software is up to date with the latest signatures:
- In addition to servers, desktops and laptops, ensure that inbound and outbound traffic such as email is scanned against the latest virus and malware signatures as well as anti-spoofing and anti-phishing blocking
- Implement network boundary controls such as Intruder detection IPS/ IDS – these often come as part of your firewall solutions
- Regularly inspect the logs to help detect patterns
3: Ensure that your systems are backed up. Understand how far you may need to roll back data and put a backup plan in place to reflect this. Importantly:
- Test your backups regularly
- Ensure that you perform test restores of files and critical systems to ensure that you can recover from an attack in the shortest period of time possible
4: In support of these simple tasks:
- Maintain awareness of current and emerging threats in cyber space across your business and at home, and plan accordingly
- Ensure that staff are aware of the threats and operate with security firmly in mind
- Encourage a “circle of distrust” around inbound material. If it looks suspicious, it probably is. If the communication is unexpected, question it